ISPs Must Protect Privacy Or Pay The Price

Paul Whytock | Jun 10, 2010

Internet privacy has been hitting the headlines with Internet service providers (ISPs) facing tough scrutiny from the European Union and the Office of Fair Trading (OFT) in the United Kingdom. In fact, the potential battle between Europe’s regulators and the big ISPs has been rumbling for a couple of years now.

Even Web inventor Sir Tim Berners-Lee has expressed his concern about how the browser companies can capture and then sell the browsing habits of surfers to advertisers. The idea is simple. Those advertising companies could then bombard Internet users with advertisements that relate to their surfing history.

Are these practices a good idea or a gross invasion of privacy? Sir Tim’s thinking is unequivocal. He refuses to use any ISP that implements such a tracking system. He believes that the surfing history Web users create is private and should not be accessible to any organisation unless the users give their permission, and I agree.

Here in the U.K., ISPs could potentially fall afoul of the law. The Regulation of Investigatory Powers Act makes the interception of any transmission across a public telecommunication system illegal without the explicit consent of its users. So, ISPs would have to have the users’ consent prior to snooping into their Internet usage. That means an opt-in system.

The OFT may consider formally regulating what has been a self-governing industry. It has already said it will consider punitive action if companies not only used targeted advertising but also varied the price of goods they displayed to different customers according to previous online purchasing behaviour or geographic location. In the OFT’s view, any failure to inform consumers about targeted pricing would be a violation of consumer rights and could prompt regulatory action.

The U.K. isn’t the only nation that’s concerned about the security and exploitation of personal data harvested from the Internet. For many years now, Germany has been a vociferous upholder of personal privacy laws regarding its citizens.

Google is already in a dispute with the German city of Hamburg over data gathered from unsecured home networks by the roving vehicles building up Google’s Street View information. Hamburg city prosecutors have asked for the data, but so far, the Internet company hasn’t complied with the request. Hamburg prosecutors have opened a criminal investigation.

While all these rumblings are happening over personal privacy issues when people are surfing or receiving e-mails, the EU Commission is sitting in the background taking notes. ISPs beware. Microsoft can testify that the EU Commission does have very sharp teeth when it comes to companies that break the rules. It handed the U.S. software company a $794 million fine for contravening competition laws. The Internet companies would do well to bear that in mind.